Exam MS-102 All QuestionsBrowse all questions from this exam
Go to Exam
Question 183

HOTSPOT

-

You have a Microsoft 365 E5 subscription that contains the users shown in the following table.

The subscription has the following two anti-spam policies:

• Name: AntiSpam1

• Priority: 0

• Include these users, groups and domains

• Users: User3

• Groups: Group1

• Exclude these users, groups and domains

• Groups: Group2

• Message limits

• Set a daily message limit: 100

• Name: AntiSpam2

• Priority: 1

• Include these users, groups and domains

• Users: User1

• Groups: Group2

• Exclude these users, groups and domains

• Groups: Group3

• Message limits

• Set a daily message limit: 50

For each of the following statements, select Yes if the statement is true. Otherwise, select No.

NOTE: Each correct selection is worth one point.

    Correct Answer:

Discussion
Milad666

Answer is Correct : Multiple different types of exceptions aren't additive; they're inclusive. The policy isn't applied only if those recipients that match all of the specified recipient filters. For example, you configure a recipient filter exception with the following values: Users: <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="60120f0d01090e20030f0e140f130f4e030f0d">[email protected]</a> Groups: Executives The policy isn't applied to <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="d7a5b8bab6beb997b4b8b9a3b8a4b8f9b4b8ba">[email protected]</a> only if he's also a member of the Executives group. If he's not a member of the group, then the policy still applies to him. https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/preset-security-policies?view=o365-worldwide#use-the-microsoft-365-defender-portal-to-add-exclusions-to-the-built-in-protection-preset-security-policy

poesklap

Based on the information provided and the anti-spam policies, let's evaluate the statements: User1 can send a maximum of 150 email messages per day. User1 is included in AntiSpam2, which has a daily message limit of 50. User1 is not mentioned in AntiSpam1. User1 is not a member of Group3 (as it's in the "Exclude" list in AntiSpam2). User1 can send a maximum of 50 email messages per day (as per AntiSpam2). Answer: No User2 can send a maximum of 50 email messages per day. User2 is a member of Group1, which is included in AntiSpam1. User2 is also a member of Group2, but Group2 is excluded in AntiSpam1. User2 is not mentioned in AntiSpam2. User2 can send a maximum of 100 email messages per day (as per AntiSpam1). Answer: No So, both statements are false.

apokavk

User2 is a member of Group 2 which is included in AntiSpam 1, but not a member of group 3 which is excluded. So I think second answer is Yes

Casticod

I think NO for boths options. User 1 and 2 are members of group 1. first apply the policy with the most low priority (policy 1, priority 0)

EM1234

User 2 would be excluded from being in group 2

Vaerox

Well, I guess it could be N / N: "The priority order matters if you have the same recipient intentionally or unintentionally included in multiple policies, because only the first policy of that type (anti-spam, anti-malware, anti-phishing, etc.) is applied to that recipient, regardless of how many other policies that the recipient is included in. There's never a merging or combining of the settings in multiple policies for the recipient. The recipient is unaffected by the settings of the remaining policies of that type."

kt_thomas

I will side with the given answer on this one. Since this one is really confusing and I do not know who will create this kind of policy logic. I will just base my answer on my experience with intune policies. If I create a policy and assign it to a group then a member of a group is also added to the exclusion, the exclusion takes precedence. So the given answer here is correct in this scenario

NrdAlrt

What a bad question. There's literally nothing out there that explains whether this would exclude or include a user when they are set for both on a single policy. Only thing I can find is this link with the author talking about inclusion vs exclusion with user groups in InTune and how it doesn't mix well when mixing with device groups: https://www.petervanderwoude.nl/post/exclude-specific-groups-of-users-or-devices-from-an-app-assignment/ Per his information though, excluded user groups take precedence over included ones when the service calculates the combined results. So Group2 does not get the first policy applied because those member would be removed from the final combined inclusion calculation. It would only apply the second one. Per this logic, the answer provided is correct assuming InTune treats user group inclusions/exclusions the same as EOP. I'm betting this is something that is consistent across services. I could test this in a lab but I'm too busy ripping through questions :-)

Christianbrivio1991

the correct answer must be: 1. NO 2. NO

TP447

I think the given answer is correct on the basis that the most restrictive policy would apply for User 2 (Policy 2 in this case).

60ed5c2

I know these questions are supposed to be confusing but I find this one extra confusing. According to this - https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/how-policies-and-protections-are-combined?view=o365-worldwide - only 1 policy is applied if a user is in two policies - and the first policy is the one that is applied. For User 2 - they are in both group 1 and group 2. Only antispam1 policy would come into play because it is rank 0. But which takes precedence - inclusion or exclusion? Group 1 is included and Group 2 is excluded from the policy. I would guess that inclusion would take precedence because it is more restrictive? Therefore the answer would be No user B cannot send a max of 50 messages - they can send a max of 100 messages.

Murad01

I think given answers are correct !